It's not easy to hear, but your data is not as secure as you think it is. Every day, you are putting your company's livelihood in the hands of security software tools that you blindly trust to protect your data from viruses. Are you absolutely sure your antivirus is working, and working well?
I've got bad news for you - your antivirus software cannot protect your business' data from the most dangerous cyber-threat.
Do I have your attention, yet?
Lately, we've been blogging about ransomware--the scary statistics, and ways you can avoid it. It's one topic that doesn't seem to be losing momentum any time soon. Attacks on various industries are becoming daily occurances. This is especially true of the healthcare industry and small businesses. We hear of companies paying huge sums to retrieve their data from the malicious software. Often, the companies affected aren't familiar with ransomware until it's too late.
Your antivirus software, even the most expensive software on the market, is not able to catch the majority of ransomware attacks. This is because AV software works by "maintaining a massive database of digital signatures of known viruses. The software scans your hard drive for these "fingerprints" and if it finds a file that matches known malware, it will attempt to delete it". Ransomware viruses are often too new or too unknown to be in the AV software's database.
Ransomware is a form of malware, but it's definitely unique in how it works. This malicious virus keeps your data encrypted (unaccessible) until the ransom is paid. According to Ed Cabrera, the vice president of cybersecurity strategy at Trend Micro, "Decrypting as a way of mitigating [the ransomware threat] is unfortunately not going to be the avenue that people should be relying on." Basically, "the encryption used by modern ransomware is too good to crack". This means that the only way for a small business without a good backup system will have to pay the ransom (typically between $500-$1,000) to get their data back. Paying the ransom is doubly dangerous because a) you're trusting a cybercriminal to actually release your data after you've paid them, and b) once you pay the ransom once, you're more likely to get targeted again because the cybercriminal knows you'll pay.
The best defense against ransomware attacks is prevention. If you've already been infected, it's too late. Instead, you should be thinking ahead to when (not 'if') you'll be targeted by this horrific virus. Educate yourself and your employees on the common ransomware infection methods (usually attachments in emails). Implement a business continuity plan with your managed service provider, and work with them to ensure your backup device is functioning properly. Lastly, use a ransomware detection tool to help round out the missing pieces in your antivirus software.